Jump to content
Sign in to follow this  
GAM

Deleting registry via AutoIt is different from deleting manually

Recommended Posts

GAM

Hi All

I was trying to automate the task which actually should delete the registries and check the log file about the entries. I tried deleting via the regular function "RegDelete" by running the command "RegDelete("HKEY_CURRENT_USERSoftwareMcAfee", "Protection") but it fails.

Actual Functionality via manually :

1) The registry should not get deleted.

2) It throws an error message saying "its protected"

3) Logs should say "its protected"

4) The same result while running the command "C:\Windows\System32\reg delete HKEY_LOCAL_MACHINESOFTWAREMcAfee /v Protection /f"

Result via AutoIT: 

1) The registry does NOT  get deleted (as expected)

2) However the LOGS fails to write the entry saying "its protected".

The query is - Is there anything that am missing here in autoit script?

Help please!!!


Neil

Share this post


Link to post
Share on other sites
GAM

Hi Jos

I see the issue just with this command...

RegDelete("HKEY_CURRENT_USERSoftwareMcAfee", "Protection")

running this command should "fail to delete the registry" AND "should log the same in the log file". The former works as expected but the later fails (logging).


Neil

Share this post


Link to post
Share on other sites
GAM

ahhh ... I got the solution. I have compiled the file and ran the EXE from the command prompt....bingo....


Neil

Share this post


Link to post
Share on other sites
Celtic88

Opt("GUIONEVENTMODE", 1)
Global $REGGUI, $LISTREG, $TREEREG, $LASTREG, $REGTREEVIEW, $LISTVIEWREG, $COMBOREG2, $SAVREGGUI = 0, _
        $INPUTREG, $COMBOREG, $EDITREG, $PROGRESSREG, $LAKEY, $IILASTKEY, $IILASTVAR, $REGLAB, $pppppp

Dim $TREEREG[6][2], $LASTREG[1][2]
$LASTREG[0][0] = 1
$TREEREG[0][0] = 6
Local $REGISTRY, $REGMENU, $ALLKEY = ALLKEY()
$REGGUI = GUICreate("REGISTRY EDITOR BETA", 900, 500, -1, -1, 0X00040000)
GUISetOnEvent(-3, "__EXIT")
$REGTREEVIEW = GUICtrlCreateTreeView(6, 17, 270, 428, 8388662)
GUICtrlSetImage($REGTREEVIEW, @SystemDir & '\SHELL32.DLL', 5)
$REGMENU = GUICtrlCreateContextMenu($REGTREEVIEW)
GUICtrlSetOnEvent(GUICtrlCreateMenuItem("CREATE KEY", $REGMENU), "NEWKEY")
GUICtrlSetOnEvent(GUICtrlCreateMenuItem("DELETE SELECTED KEY", $REGMENU), "DDELKEY")
$REGISTRY = GUICtrlCreateTreeViewItem(@ComputerName, $REGTREEVIEW)
GUICtrlSetImage($REGISTRY, @SystemDir & '\SHELL32.DLL', 16)
For $IO = 1 To $ALLKEY[0]
    $TREEREG[$IO][1] = $ALLKEY[$IO]
    $TREEREG[$IO][0] = GUICtrlCreateTreeViewItem($ALLKEY[$IO], $REGISTRY)
    GUICtrlSetOnEvent($TREEREG[$IO][0], "GOREG")
Next
GUICtrlSetState($REGISTRY, 1024)
$LISTVIEWREG = GUICtrlCreateListView("NAME|TYPE|VALUE", 280, 50, 612, 395)
$REGMENU = GUICtrlCreateContextMenu($LISTVIEWREG)
GUICtrlSetOnEvent(GUICtrlCreateMenuItem("REFRESH", $REGMENU), "GOREG")
GUICtrlSetOnEvent(GUICtrlCreateMenuItem("EDIT", $REGMENU), "MODKEY")
GUICtrlSetOnEvent(GUICtrlCreateMenuItem("NEW VALUE", $REGMENU), "NEWVAR")
GUICtrlSetOnEvent(GUICtrlCreateMenuItem("DELETE", $REGMENU), "DELLKEY")
$COMBOREG = GUICtrlCreateCombo("HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\", 300, 17, 520, 25)
GUICtrlSetOnEvent(GUICtrlCreateIcon("shell32.dll", 23, 848, 11, 32, 32), "GO")
GUICtrlSetCursor(-1, 0)
$PROGRESSREG = GUICtrlCreateProgress(770, 450, 100, 17)
$REGLAB = GUICtrlCreateLabel("", 20, 455, 750, 34)
GUISetState()

While 1
    Sleep(999)
WEnd

Func SETVAR($NVAR, $SREG, $CRL)
    Local $MM, $PL, $PPPP = 0, $ZZMM, $TYPE = REGTYPE(1), $STAT, $SPLITDATA
    GUICtrlSetData($REGLAB, $NVAR)
    If IsArray($LISTREG) Then DELELELIST()
    $SPLITDATA = StringSplit($SREG, "\|/", 1)
    If $SPLITDATA[1] <> "" Then
        $MM = StringSplit($SPLITDATA[1], "\@/", 1)
        Dim $LISTREG[$MM[0] + 1]
        $LISTREG[0] = $MM[0]
        For $IU = 1 To $MM[0] - 1
            $LISTREG[$IU] = GUICtrlCreateListViewItem($MM[$IU], $LISTVIEWREG) ;
            $LISTREG[0] = $IU + 1
        Next
    EndIf
    If $SPLITDATA[2] <> "" Then
        $MM = StringSplit($SPLITDATA[2], "\@/", 1)
        $PL = $TREEREG[0][0]
        ReDim $TREEREG[$MM[0] + $PL][2]
        $STAT = $TREEREG[0][0] - $PL
        For $IU = $PL To ($MM[0] + $PL) - 2
            $PPPP += 1
            GUICtrlSetData($PROGRESSREG, Round(($PPPP * 100) / ($MM[0] - 2), 0))
            $TREEREG[$IU][0] = GUICtrlCreateTreeViewItem($MM[$PPPP], $CRL)
            GUICtrlSetOnEvent($TREEREG[$IU][0], "GOREG")
            $TREEREG[0][0] += 1
            $TREEREG[$IU][1] = $NVAR & "\" & $MM[$PPPP]
        Next
    EndIf
EndFunc   ;==>SETVAR
Func GO()
    Local $IDCRLR, $GETALLREG, $BB, $P, $ID
    $IDCRLR = GUICtrlRead($COMBOREG)
    If StringRight($IDCRLR, 1) <> "\" Then $IDCRLR = $IDCRLR & "\"
    $P = StringSplit($IDCRLR, "\", 1)
    For $ZER = 1 To $P[0] - 1
        $ID = REGONE($BB & $P[$ZER])
        If $ID <> 0 Then
            $GETALLREG = GETNUMVAL($BB & $P[$ZER])
        Else
            $ID = GETTRELL($BB & $P[$ZER], 1, 0)
            $GETALLREG = GETNUMKEY($BB & $P[$ZER])
        EndIf
        SETVAR($BB & $P[$ZER], $GETALLREG, $ID)
        GUICtrlSetState($ID, 1024 + 512 + 256)
        $BB &= $P[$ZER] & "\"
        $pppppp = 1
    Next
EndFunc   ;==>GO
Func GOREG()
    Local $IDCRLR, $READCRLR, $GETALLREG, $IDD
    $IDCRLR = GUICtrlRead($REGTREEVIEW)
    $READCRLR = GETTRELL($IDCRLR, 0, 1)
    If $READCRLR = False Then Return
    $IDD = REGONE($READCRLR)
    If $IDD <> 0 Then
        $GETALLREG = GETNUMVAL($READCRLR)
    Else
        $GETALLREG = GETNUMKEY($READCRLR)
        GUICtrlSetData($COMBOREG, $READCRLR)
    EndIf
    SETVAR($READCRLR, $GETALLREG, $IDCRLR)
    GUICtrlSetState($IDCRLR, 1024 + 512 + 256)
EndFunc   ;==>GOREG
Func NEWKEY()
    Local $IDCRLR, $READCRLR, $ZIO[2], $VARINP
    $ZIO[0] = ""
    $IDCRLR = GUICtrlRead($REGTREEVIEW)
    $READCRLR = GETTRELL($IDCRLR, 0, 1)
    If $READCRLR = False Then Return
    If ALLKEY($READCRLR) = 1 Then Return
    $VARINP = InputBox("KEY NAME ?", "..." & StringRight($READCRLR, 50), "NEW KEY", "", 332, 150, Default, Default, 99, $REGGUI)
    If $VARINP = "" Then Return
    $ZIO[1] = $VARINP & "\@/"
    AUTDDKEYTT($READCRLR & "\" & $VARINP, "", "", "")
    SETVAR($READCRLR, $ZIO, $IDCRLR)
    GUICtrlSetState($IDCRLR, 1024)
EndFunc   ;==>NEWKEY
Func DDELKEY()
    Local $IDCRLR, $READCRLR, $ZIO[2], $VARINP
    $ZIO[0] = ""
    $IDCRLR = GUICtrlRead($REGTREEVIEW)
    $READCRLR = GETTRELL($IDCRLR, 0, 1)
    If $READCRLR = False Then Return
    If ALLKEY($READCRLR) = 1 Then Return
    Local $FRAGE = MsgBox(262144 + 36, "QUESTION", "ARE YOU SURE YOU WANT TO DELETE THIS KEY " & @CR & $READCRLR, 0, $REGGUI)
    If $FRAGE = 7 Then Return
    AUTDELKEY($READCRLR, "")
    GUICtrlDelete($IDCRLR)
EndFunc   ;==>DDELKEY
Func ALLKEY()
    Local $ARR[6] = [5, "HKEY_CLASSES_ROOT" , "HKEY_CURRENT_USER" , "HKEY_LOCAL_MACHINE" , "HKEY_USERS" , "HKEY_CURRENT_CONFIG" ]
    Return $ARR
EndFunc   ;==>ALLKEY
Func NEWVAR()
    Local $IDCRLR, $READCRLR
    $IDCRLR = GUICtrlRead($REGTREEVIEW)
    $READCRLR = GETTRELL($IDCRLR, 0, 1)
    If $READCRLR = False Then Return
    If Not WinExists($SAVREGGUI) Then MKGUI($READCRLR)
EndFunc   ;==>NEWVAR
Func DELLKEY()
    Local $IDCRLR, $READCRLR, $GETVAR, $SPLIT, $FRAGE
    $IDCRLR = GUICtrlRead($REGTREEVIEW)
    $GETVAR = GUICtrlRead(GUICtrlRead($LISTVIEWREG))
    If $GETVAR = "" Then Return
    $READCRLR = GETTRELL($IDCRLR, 0, 1)
    $SPLIT = StringSplit($GETVAR, "|", 1)
    $FRAGE = MsgBox(262144 + 36, "QUESTION", "ARE YOU SURE YOU WANT TO DELETE THIS KEY " & @CR & $READCRLR & "\" & $SPLIT[1], 0, $REGGUI)
    If $FRAGE = 7 Then Return
    AUTDELKEY($READCRLR, $SPLIT[1])
    GOREG()
EndFunc   ;==>DELLKEY
Func MODKEY()
    Local $IDCRLR, $READCRLR, $GETVAR, $SPLIT
    $IDCRLR = GUICtrlRead($REGTREEVIEW)
    $GETVAR = GUICtrlRead(GUICtrlRead($LISTVIEWREG))
    If $GETVAR = "" Then Return
    $READCRLR = GETTRELL($IDCRLR, 0, 1)
    $SPLIT = StringSplit($GETVAR, "|", 1)
    If Not WinExists($SAVREGGUI) Then MKGUI($READCRLR, $SPLIT[1], $SPLIT[2], $SPLIT[3], 1)
EndFunc   ;==>MODKEY
Func MKGUI($ZZKEY, $NAMVAL = "NEW VALUE", $ZZTYP = "REG_SZ", $ZZVAL = "", $MODREG = 0)
    If $MODREG = 1 Then
        $IILASTKEY = $ZZKEY
        $IILASTVAR = $NAMVAL
    Else
        $IILASTKEY = ""
        $IILASTVAR = ""
    EndIf
    $LAKEY = $ZZKEY
    $SAVREGGUI = GUICreate("..." & StringRight($ZZKEY, 40), 363, 272, -1, -1, 0X00080000, -1, $REGGUI)
    GUISetOnEvent(-3, "__EXITSAVGUI")
    GUICtrlCreateLabel("NAME", 16, 32, 30, 17)
    GUICtrlCreateLabel("TYPE", 16, 62, 28, 17)
    $INPUTREG = GUICtrlCreateInput($NAMVAL, 80, 30, 273, 21)
    $COMBOREG2 = GUICtrlCreateCombo($ZZTYP, 80, 60, 273, 25, 2097155)
    GUICtrlSetData($COMBOREG2, StringReplace(REGTYPE(), $ZZTYP & "|", ""))
    $EDITREG = GUICtrlCreateEdit($ZZVAL, 9, 94, 343, 97)
    GUICtrlCreateButton("SAVE", 272, 198, 75, 25)
    GUICtrlSetOnEvent(-1, "SAVE")
    GUISetState()
EndFunc   ;==>MKGUI
Func SAVE()
    Local $VALUENAME = GUICtrlRead($INPUTREG), $TYPEKEY = GUICtrlRead($COMBOREG2), $VALLT = GUICtrlRead($EDITREG)
    If $IILASTKEY <> "" Then
        Local $FRAGE = MsgBox(262144 + 36, "QUESTION", "ARE YOU SURE YOU WANT TO CHANGE THIS KEY " & $IILASTVAR, 0, $SAVREGGUI)
        If $FRAGE = 7 Then Return
        AUTDELKEY($IILASTKEY, $IILASTVAR)
    EndIf
    AUTDDKEYTT($LAKEY, $VALUENAME, $TYPEKEY, $VALLT)
    $LAKEY = ""
    GOREG()
    __EXITSAVGUI()
EndFunc   ;==>SAVE
Func __EXITSAVGUI()
    GUIDelete($SAVREGGUI)
EndFunc   ;==>__EXITSAVGUI
Func REGONE($ZREG)
    For $I = 1 To $LASTREG[0][0] - 1
        If $LASTREG[$I][0] = $ZREG Then Return $LASTREG[$I][1]
    Next
    ReDim $LASTREG[$LASTREG[0][0] + 1][2]
    $LASTREG[$LASTREG[0][0]][0] = $ZREG
    $LASTREG[$LASTREG[0][0]][1] = GETTRELL($ZREG, 1, 0)
    $LASTREG[0][0] = $LASTREG[0][0] + 1
    Return 0
EndFunc   ;==>REGONE
Func GETTRELL($TEEXT, $OP1, $OP2)
    For $I = $TREEREG[0][0] - 1 To 1 Step -1
        If $TREEREG[$I][$OP1] = $TEEXT Then Return $TREEREG[$I][$OP2]
    Next
EndFunc   ;==>GETTRELL
Func REGTYPE($OPOP = 0)
    Local $TEMP, $TYPEKEY[11] = ["REG_NONE", "REG_SZ", "REG_EXPAND_SZ", "REG_BINARY", "REG_DWORD", "REG_DWORD_BIG_ENDIAN", "REG_LINK", _
            "REG_MULTI_SZ", "REG_RESOURCE_LIST", "REG_FULL_RESOURCE_DESCRIPTOR", "REG_RESOURCE_REQUIREMENTS_LIST"]
    If $OPOP = 1 Then Return $TYPEKEY
    For $OPI = 1 To 10
        $TEMP &= $TYPEKEY[$OPI] & "|"
    Next
    Return $TEMP
EndFunc   ;==>REGTYPE
Func DELELELIST()
    For $I = $LISTREG[0] - 1 To 1 Step -1
        GUICtrlDelete($LISTREG[$I])
    Next
    $LISTREG = ""
EndFunc   ;==>DELELELIST
Func __EXIT()
    Exit
EndFunc   ;==>__EXIT
;;;;;;;; SERVER :P
Func GETNUMKEY($SKEY)
    Local $I = 0, $RREG = GETNUMVAL($SKEY)
    While True
        $I += 1
        Local $VAR = RegEnumKey($SKEY, $I)
        If @error <> 0 Then ExitLoop
        $RREG &= $VAR & "\@/"
    WEnd
    Return $RREG
EndFunc   ;==>GETNUMKEY
Func GETNUMVAL($SKEY)
    Local $Z = 0, $ZZ, $VAR, $READREG, $EXTENDED
    While True
        $Z += 1
        $VAR = RegEnumVal($SKEY, $Z)
        If @error <> 0 Then ExitLoop
        $EXTENDED = @extended
        If $VAR = "" Then
            $VAR = "(DEFAULT)"
            $READREG = "(VALUE NOT SET)"
        Else
            $READREG = RegRead($SKEY, $VAR)
        EndIf
        $ZZ &= $VAR & "|" & $EXTENDED & "|" & $READREG & "\@/"
    WEnd
    $ZZ &= "\|/"
    Return $ZZ
EndFunc   ;==>GETNUMVAL
Func AUTREADKEY($AAKAY, $AAVAR)
    Local $readkey
    $readkey = RegRead($SKEY, $VAR)
    Return $readkey
EndFunc   ;==>AUTREADKEY
Func AUTDDKEYTT($AAKAY, $AAVAR, $AATYPEKEY, $AAVALLT)
    RegWrite($AAKAY, $AAVAR, $AATYPEKEY, $AAVALLT)
EndFunc   ;==>AUTDDKEYTT
Func AUTDELKEY($AAKAY, $AAVAR)
    If $AAVAR <> "" Then
        RegDelete($AAKAY, $AAVAR)
    Else
        RegDelete($AAKAY)
    EndIf
EndFunc   ;==>AUTDELKEY

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×